Information Governance Requirements Nhs

5.5 HEE will have clear agreements and procedures for liaising with the media and dealing with requests from members of the public. ii). Legal Compliance 5.6 We recognise that personally identifiable information relating to employees or individuals with whom we do business is confidential, unless publicly available or disclosed in accordance with the provisions of the Freedom of Information Act 2000. 6.5 The Chief Information Officer should ensure that appropriate security assessments are conducted for proposed and existing information systems. 5.13 Managers are expected to adopt the quality of information in their service areas and strive for continuous improvement. Information governance (IG) is the framework for the secure and confidential handling of information, enabling organizations and individuals to manage patient, personal and sensitive information legally, securely, efficiently and effectively to provide the best possible healthcare and services. 5.14 To the extent possible, the quality of information should be ensured at the time of collection. Defines legal responsibilities for information management in NHS organisations. For more information, please email caldicott.guardian@hra.nhs.uk. 4.1 HEE recognizes the need for a balance between openness and confidentiality in the management and use of information.

We fully support the principles of corporate governance and public accountability, but also recognize the need for confidentiality, underpinned by safeguards to protect employees` personal data and commercially sensitive and other confidential information. We also recognize the need to share confidential and personal information with stakeholders and others with whom we do business in a controlled manner that is consistent with the interests of such confidentiality and, in certain circumstances, the public interest. IG discusses the standards that should apply when handling information. Information processing has five main aspects that include how information is obtained, recorded, stored, used and shared. Therefore, it is of paramount importance that the Trust ensures that all information: Dame Fiona Caldicott independently advises on the use of confidential health and care information. 1.5 This guideline sets out the standards that HEE applies to information governance. All information assets and related systems are identified and included in an information asset registry and are subject to annual information asset assessments. The main information assets managed by HRA are: 1.2 Information is an important asset for HEE, both in terms of its activities and the effective management of resources and services. It plays a key role in our governance, performance management and planning. A Caldicott Guardian is a primary person responsible for protecting the confidentiality of information about the health and care of individuals and ensuring that it is used appropriately. 5.4 All persons may access their personal data in accordance with data protection law.

5.11 We will establish and maintain incident reporting procedures and monitor and investigate all reported cases of actual or potential breaches of privacy, loss of personal data and security breaches. iv) Information Quality Assurance 5.12 HEE will establish and maintain policies and procedures for information quality assurance and effective records management. 6.1 The deputy head has overall responsibility for procedural documents within HEE. As the accountable executive, the deputy head has overall responsibility for establishing and maintaining an effective records management system and controlling information to meet all regulatory requirements. 6.9 All employees, whether permanent, temporary or contract, and contractors are responsible for ensuring that they are aware of the requirements of the Policy and are respected in the conduct of day-to-day business. 2.3 In order to protect the organization`s information assets against any internal or external threat, intentional or accidental, HEE shall ensure: 2.1 The purpose of this document is to provide guidance on information governance processes, procedures and responsibilities to all HEE employees, including those covered by a power of attorney or honour contract, a fixed-term contract, work experience and third parties. NHS Digital provides guidance on how to protect data and handle information securely. Our guidelines are designed to help health and care organizations meet the standards required for handling care information. HRA`s Caldicott Guardian is Jonathan Fennelly-Barnwell, deputy director of permits. We use the Caldicott Principles to ensure that we keep people`s information confidential and that we use it properly. GI requirements for organisations accessing NHS digital services, including N3. 6.4 The Chief Information Governance Officer is responsible for the day-to-day oversight of information governance, the development and maintenance of policies, procedures, guidelines and standards, the coordination of work across the organization and the awareness of information governance best practice standards.

It brings together all legal requirements, standards and best practices (including policies and procedures, management and reporting agreements, processes and controls, and training) that apply to the handling of patient, personal and sensitive information, including but not limited to: 9.1 All information governance policies and procedures are regularly reviewed and reviewed to provide assurance to the Executive Team and the Audit and Risk Management Committee that it will continue to be intended for the purpose and that HEE will remain compliant. 6.2 Chief Information Risk Officer (CISO): Lee Whitehead, Director of Human Resources and Communications, has ultimate responsibility for HEE`s information governance policy and ensures that it complies with legal and NHS requirements. 1.1 Health Education England (HEE) exists to support the provision of excellent healthcare and improved health to patients and the public in England by ensuring that the workforce of today and tomorrow has the right numbers, skills, values and behaviours at the right time and in the right place. In doing so, HEE will seek to achieve the objectives set out in the mandate and respect the NHS Constitution. This policy is important because it will help those who work for HEE understand how to take care of the information they need for their work and protect that information to the best of their ability. These guidelines include legal and professional obligations that affect the management, use and disclosure of information. It will be particularly useful for those working in the field of information governance. 5.8 We will establish, where appropriate, and maintain policies for the controlled sharing of personal data with other authorities, taking into account relevant laws and directives of the Information Commissioner`s Office. iii). Information Security 5.9 HEE will establish and maintain policies for the effective and secure management of its information assets and resources within its computer network. 1.4 It is important that information be managed effectively and supported by appropriate policies and procedures that provide a strong governance framework. 6.3 The Caldicott Guardian: Professor Wendy Reid, Executive Director of Education and Quality and National Medical Director, is responsible for protecting the confidentiality of patient and service user information and facilitating appropriate information sharing.

We believe that accurate, relevant and timely information is essential to providing quality services. It is the responsibility of all employees to ensure the quality of the information they use in their work and to use it to enable meaningful, evidence-based decisions. For HRA, information governance is a framework for handling not only personal and sensitive information, but also all information in a robust and transparent manner, applying confidentiality and security where appropriate and maintaining high ethical and quality standards. These include: An overview of information governance (IM) processes and support to health and care organizations. IG applies and affects anyone who works for or on behalf of the NHS. In addition, anyone working in the NHS has a legal obligation to keep information about others secure and confidential. Our Data Security Center supports health and care to ensure the security of patient information and IT systems. NHSX now offers strategic advice on information governance. 1.3 Information governance is a framework for the confidential and secure handling of personal data in accordance with appropriate ethical and qualitative standards in a modern health system.